jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity

Fix crash in secret scanning middleware for invalid versions (#58792)

Browse Source
This commit is contained in:
Kevin Heis
2025-12-10 10:56:23 -08:00
committed by GitHub
parent 5b4430431c
commit 29a79eb623
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/secret-scanning/middleware/secret-scanning.ts
View File

@@ -30,6 +30,10 @@ export default async function secretScanning(
const { isEnterpriseCloud, isEnterpriseServer } = getVersionInfo(currentVersion) const { isEnterpriseCloud, isEnterpriseServer } = getVersionInfo(currentVersion)
if (isEnterpriseServer && !allVersions[currentVersion]) {
return next()
}
const versionPath = isEnterpriseCloud const versionPath = isEnterpriseCloud
? 'ghec' ? 'ghec'
: isEnterpriseServer : isEnterpriseServer

8
src/secret-scanning/tests/rendering.ts
View File

@@ -17,4 +17,12 @@ describe('secret-scanning pipeline', () => {
const page = await get(`/${targetFilename}`, { followRedirects: true }) const page = await get(`/${targetFilename}`, { followRedirects: true })
expect(page.statusCode).toBe(200) expect(page.statusCode).toBe(200)
}) })
test('should not crash on malformed URL with double version', async () => {
const url =
'/en/enterprise-server@3.11/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns'
const res = await get(url)
// It should probably be a 404 because the URL is invalid, but definitely not a 500
expect(res.statusCode).not.toBe(500)
})
}) })